SHA-1 crack just got real: System Center uses it to talk to Linux 

When Google revealed last week that it had destroyed the SHA-1 algorithm, it hammered another nail into the venerable algo’s coffin.But as we noted in our report on the feat, many applications still use SHA-1. And if you’re one of the many Windows shops running Microsoft’s System Center Operations Manager Management Server, you’ve got an exposure.Your problem stems from the fact that System Center 2016 RTM uses the sha1WithRSAEncryption signing algorithm for the both agent certificates and signing certificates, for the agents needed to hook Unix and Linux clients to the management tool.Microsoft has since made the more secure SHA256 algorithm the default in System Center 2012 R2 Operations Manager UR12 and System Center 2016 Operations Manager UR2. But ye olde version 2016 RTM still has SHA-1 sputtering away under the hood and you therefore probably have certs signed with the ancient algo that need upgrading.

Source: SHA-1 crack just got real: System Center uses it to talk to Linux • The Register

Categories: Uncategorized

Post navigation

Comments are closed.

Blog at

%d bloggers like this: